Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/bmYCW6hxdPtPj7svX4gAGehxI0g.roa
File: bmYCW6hxdPtPj7svX4gAGehxI0g.roa (raw, json)
Hash identifier: ghRLSQ4oD9wHC8A4h6ewe6YD2SM8GZB1zLZ3z7qdxxE=
Subject key identifier: 6E:66:02:5B:A8:71:74:FB:4F:8F:BB:2F:5F:88:00:19:E8:71:23:48
Certificate issuer: /CN=156f04fc5ca875315ab0b854b64506b09c998e9a
Certificate serial: 0185730386E169AC71F009EABEE91D09BE8F
Authority key identifier: 15:6F:04:FC:5C:A8:75:31:5A:B0:B8:54:B6:45:06:B0:9C:99:8E:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FW8E_FyodTFasLhUtkUGsJyZjpo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/bmYCW6hxdPtPj7svX4gAGehxI0g.roa
Signing time: Mon 02 Jan 2023 15:04:49 +0000
ROA not before: Mon 02 Jan 2023 15:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39591
IP address blocks: 193.23.113.0/24 maxlen: 24
91.198.234.0/24 maxlen: 24
2001:678:668::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:86:e1:69:ac:71:f0:09:ea:be:e9:1d:09:be:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=156f04fc5ca875315ab0b854b64506b09c998e9a
Validity
Not Before: Jan 2 15:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e66025ba87174fb4f8fbb2f5f880019e8712348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c9:a7:f8:96:d3:59:ff:1b:f2:36:79:1e:87:
75:80:5a:b0:db:9a:dc:21:79:19:6b:4e:61:0c:e5:
4d:09:08:df:90:7b:0b:44:a1:68:e8:b9:7c:c0:8b:
91:52:a4:1a:9e:70:51:61:5f:06:ad:87:9f:ee:71:
37:f1:70:f1:da:86:42:87:46:98:cd:73:04:54:41:
99:3b:17:78:36:b1:9a:86:dd:d3:b5:6b:8f:95:4c:
b1:e5:44:78:1f:8b:ca:0e:81:3d:86:68:cb:ca:cf:
48:c7:92:fa:6b:6b:2d:fa:31:e8:7d:6a:c6:41:65:
d1:84:d1:97:9b:44:dc:c6:98:dc:aa:de:d0:9c:80:
0a:e5:18:1d:49:4c:fa:cc:ed:c4:04:48:bc:8e:4f:
4f:4c:44:4f:cd:0f:ce:f0:d7:28:91:c6:cd:29:b9:
86:43:c1:8a:45:7b:f8:ec:b7:ad:a1:4e:41:e8:a9:
05:6a:31:c7:44:5e:04:fe:65:16:4b:3e:69:9f:4f:
85:f2:88:59:bd:fc:41:b1:40:f4:30:90:7b:06:a4:
b2:0f:dc:a1:79:75:b3:12:20:aa:2b:ea:e1:c5:ac:
7d:0b:ec:4e:8b:f4:8a:5d:05:a8:9d:8e:b0:14:0e:
b3:f6:41:50:5e:6f:4a:14:8b:93:36:68:cc:53:ff:
6e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:66:02:5B:A8:71:74:FB:4F:8F:BB:2F:5F:88:00:19:E8:71:23:48
X509v3 Authority Key Identifier:
keyid:15:6F:04:FC:5C:A8:75:31:5A:B0:B8:54:B6:45:06:B0:9C:99:8E:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FW8E_FyodTFasLhUtkUGsJyZjpo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/bmYCW6hxdPtPj7svX4gAGehxI0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f710ce-440f-405f-ac50-aa942994fc60/1/FW8E_FyodTFasLhUtkUGsJyZjpo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.234.0/24
193.23.113.0/24
IPv6:
2001:678:668::/48
Signature Algorithm: sha256WithRSAEncryption
a9:b1:f9:c7:b4:ad:65:b4:e7:6c:7a:06:7f:c8:e9:fc:ff:d4:
4a:f3:88:72:22:1f:af:54:d8:e5:f0:14:dd:5e:2b:09:01:05:
54:94:98:03:bf:9e:8b:d5:42:d7:a7:c5:be:c5:d5:a1:c5:a1:
d3:d8:2a:78:92:32:1c:03:c9:18:24:39:d1:ab:c1:30:3b:db:
64:e4:50:2e:1e:0e:b5:99:fc:7a:c1:84:0a:2d:03:f5:64:d8:
7b:b2:c4:78:8b:26:d4:1a:ec:04:23:60:ba:b0:bf:23:63:9b:
a5:61:2e:f9:0c:d4:4e:bc:69:d7:3a:94:78:8a:39:52:a2:07:
52:c1:71:13:74:5f:20:f0:43:30:86:d1:f9:c1:84:6c:bb:8c:
05:ca:dd:c9:b1:41:7c:ab:52:37:bc:55:e6:f9:f8:58:44:ed:
9e:c8:d7:fb:38:67:ff:00:08:f0:12:a8:ac:c4:cc:53:8b:d1:
1f:bc:70:37:d6:21:eb:93:2d:7d:85:28:0e:ed:da:6c:08:bb:
89:6a:0a:db:8b:19:c5:75:72:15:0d:9d:df:3f:f4:d5:dd:42:
53:54:ab:f1:42:3d:0b:ee:50:41:d2:b9:44:80:5d:5f:e5:28:
80:3f:18:80:2b:ad:f6:7d:83:c0:2c:78:a7:58:ee:bd:60:9b:
e4:44:42:66
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVzA4bhaaxx8AnqvukdCb6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NmYwNGZjNWNhODc1MzE1YWIwYjg1NGI2NDUwNmIwOWM5
OThlOWEwHhcNMjMwMTAyMTUwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY2MDI1YmE4NzE3NGZiNGY4ZmJiMmY1Zjg4MDAxOWU4NzEyMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsmn+JbTWf8b8jZ5Hod1gFqw25rc
IXkZa05hDOVNCQjfkHsLRKFo6Ll8wIuRUqQannBRYV8GrYef7nE38XDx2oZCh0aY
zXMEVEGZOxd4NrGaht3TtWuPlUyx5UR4H4vKDoE9hmjLys9Ix5L6a2st+jHofWrG
QWXRhNGXm0Tcxpjcqt7QnIAK5RgdSUz6zO3EBEi8jk9PTERPzQ/O8NcokcbNKbmG
Q8GKRXv47LetoU5B6KkFajHHRF4E/mUWSz5pn0+F8ohZvfxBsUD0MJB7BqSyD9yh
eXWzEiCqK+rhxax9C+xOi/SKXQWonY6wFA6z9kFQXm9KFIuTNmjMU/9u5QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG5mAluocXT7T4+7L1+IABnocSNIMB8GA1UdIwQY
MBaAFBVvBPxcqHUxWrC4VLZFBrCcmY6aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlc4RV9GeW9kVEZhc0xoVXRrVUdzSnlaanBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mNzEwY2UtNDQwZi00MDVmLWFjNTAt
YWE5NDI5OTRmYzYwLzEvYm1ZQ1c2aHhkUHRQajdzdlg0Z0FHZWh4STBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mNzEwY2UtNDQwZi00MDVmLWFjNTAtYWE5NDI5OTRmYzYw
LzEvRlc4RV9GeW9kVEZhc0xoVXRrVUdzSnlaanBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW8bqAwQA
wRdxMA8EAgACMAkDBwAgAQZ4BmgwDQYJKoZIhvcNAQELBQADggEBAKmx+ce0rWW0
52x6Bn/I6fz/1ErziHIiH69U2OXwFN1eKwkBBVSUmAO/novVQtenxb7F1aHFodPY
KniSMhwDyRgkOdGrwTA722TkUC4eDrWZ/HrBhAotA/Vk2HuyxHiLJtQa7AQjYLqw
vyNjm6VhLvkM1E68adc6lHiKOVKiB1LBcRN0XyDwQzCG0fnBhGy7jAXK3cmxQXyr
Uje8Veb5+FhE7Z7I1/s4Z/8ACPASqKzEzFOL0R+8cDfWIeuTLX2FKA7t2mwIu4lq
CtuLGcV1chUNnd8/9NXdQlNUq/FCPQvuUEHSuUSAXV/lKIA/GIArrfZ9g8AseKdY
7r1gm+REQmY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:48 2024 by rpki-client on console-fra.rpki-client.org